Re: RSA's SecurPC not-so-"Secur"

Eric Young (eay@cryptsoft.com)
Mon, 11 May 1998 15:33:14 +1000 (EST)

• Next message: Julian Assange: "Re: RSA's SecurPC not-so-"Secur""
• Previous message: Robert Hettinga: "First meeting of DCS-NY -- The Digital Commerce Society of New York"
• Next in thread: Julian Assange: "Re: RSA's SecurPC not-so-"Secur""
• Reply: Julian Assange: "Re: RSA's SecurPC not-so-"Secur""

On Sun, 10 May 1998, Peter Gutmann wrote:
> >Windows NT supports the VirtualLock and VirtualUnlock functions, which prevent
> >data from being swapped out to disk. Unfortunately, Windows 95 (don't know
> >about Windows 98, but I doubt it) does not implement this functionality.
>
> Actually it doesn't work quite the way MS document it. Noone (and that seems
> to include any MS people you ask) knows what it really does, but it appears to
> be only an advisory lock since if you artficially induce thrashing, you get a
> page fault when you try to access the VirtualLock()'d pages. I covered the

I belive this is the case for just about all operating systems that have a
'keep in memory' system call. It is nothing to do with 'password' security,
rather a very strong hint that we don't want the memory swapped out. Real
Time OSs may actually implement a no swap/page policy but this is very
dangerous on a multi-user system. Just because the system call claims to
implement something that looks like a 'no-swap' policy, does not mean it is
true.

eric

• Next message: Julian Assange: "Re: RSA's SecurPC not-so-"Secur""
• Previous message: Robert Hettinga: "First meeting of DCS-NY -- The Digital Commerce Society of New York"
• Next in thread: Julian Assange: "Re: RSA's SecurPC not-so-"Secur""
• Reply: Julian Assange: "Re: RSA's SecurPC not-so-"Secur""